Seeing Through the Clouds: Preventing Breaches in a Cloud Based Environment

  • Thursday, 04/06/2017: 1:15 PM - 2:00 PM
  • Room: Exhibit Hall Education Room
  • Session Number:  EHS5:


In light of breaches in which cloud environments played a role, such as the IRS, Target, Yahoo!, the scrutiny in which cloud service providers (CSPs) are under has increased tremendously over the past year. So how can we protect data stored in the cloud? As more technologies move to the cloud, the cybersecurity risks inherent to new technical environments leaves CSPs looking for ways to secure their systems. A-LIGN Partner, Gene Geiger, will identify the cybersecurity problems that put CSPs at risk and describe how to mitigate those risks. In addition to detailing how to educate employees to improve human security, he will provide information on recent breaches, the cybersecurity landscape as a whole, potential risk-factors, and how to manage new challenges and governance that could affect cloud computing. Key cloud risks include: compliance risks; loss of governance; data protection; and security vulnerabilities. After taking these risks into account, cloud providers are faced with the daunting task of choosing an audit that fulfills the needs of clients and business associates, while minimizing vulnerabilities intrinsic to the cloud environment. Depending on the unique needs of your environment, audit options range from: SSAE 16, SOC 2, FedRAMP, FISMA, ISO 27001, HITRUST, HIPAA/HITECH and PCI DSS. Geiger will provide guidance on which audit is best suited for your organization, while describing common pitfalls to be aware of when receiving these audits. This session will involve participants gaining an understanding of today’s cloud computing environment, the breach landscape, actionable takeaways for cloud providers to improve their system security immediately, and how to select the proper audit for your organization.


Gene Geiger